Atlassian JIRA 4.2.x < 5.1.1 Multiple XSS

Synopsis

Description

According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is 4.2.x prior to 5.1.1. It is, therefore, potentially affected by multiple cross-site scripting (XSS) vulnerabilities that allow a remote attacker to embed arbitrary JavaScript code in a JIRA page.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.